Trojan.Aenjaris
Threat Scorecard
EnigmaSoft Threat Scorecards display a variety of useful information, including:
- Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
- Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
- Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
| Metric | Value |
| --- | --- |
| Threat Level | 80 % (High) |
| Infected Computers | 13 |
| First Seen | September 3, 2017 |
| Last Seen | August 25, 2019 |
| OS(es) Affected | Windows |
Trojan.Aenjaris is a detection name that some AV companies use to flag corrupted code on home PCs. The Trojan.Aenjaris malware was reported for the first time in 2014 and continued to appear in cybersecurity reports in the following years. Trojan.Aenjaris was used as a stepping stone for other Trojans. Computers compromised by Trojan.Aenjaris could be used for DDoS attacks and made to work as proxies. However, the development of Bitcoin mining tools appears to have influenced the creators of Trojan.Aenjaris, given that the threat was found to mine for Bitcoin in 2015.
The payload for Trojan.Aenjaris is known to travel on the Internet as a fake network plug-in, a software update for Java/Adobe Flash and fake drivers for popular hardware. The creators of Trojan.Aenjaris are reported to use brand names like HP (Hewlett Packard), Lenovo, Acer and Asus to lure PC users into downloading corrupted drivers onto their systems. Most PC users know that drivers and specialized system plug-ins need to be installed with an administrator account, so they run the fake installer with elevated rights. That allows Trojan.Aenjaris to gain administrative privileges and run on system boot. Trojan.Aenjaris is known to run from the Temp directory, connect to Bitcoin mining pools, and register a system service to avoid detection by AV engines.

PC users who suspect an infection with Trojan.Aenjaris may wish to know that the threat can cause decreased system performance and open connections to domains that lack pages and use non-standard ports.

There is no uniform system for naming malware, and the code that some vendors associate with Trojan.Aenjaris is flagged by others as:
- GenericRXAZ-LB!F737B2104E0E
- HEUR/QVM41.1.1881.Malware.Gen
- TROJ_GEN.R08NC0DGC17
- TROJ_NOBADY.SM
- Troj.Downloader.W32.Upatre.tolL
- Trojan ( 005106591 )
- Trojan-Dropper.Win32.Agent.bjsqtj
- Trojan.Agent.CQST
- Trojan.Jaik.D4C74
- Trojan.MulDrop7.13215
- W32/S-56751122!Eldorado
- Win32:Dropper-gen [Drp]